{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-12375", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-10-27T22:10:07.660Z", "datePublished": "2026-02-19T03:25:14.353Z", "dateUpdated": "2026-04-08T16:51:19.720Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T16:51:19.720Z"}, "affected": [{"vendor": "printful", "product": "Printful Integration for WooCommerce", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "2.2.11", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Printful Integration for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.11 via the advanced size chart REST API endpoint. This is due to insufficient validation of user-supplied URLs before passing them to the download_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services."}], "title": "Printful Integration for WooCommerce <= 2.2.11 - Authenticated (Contributor+) Server-Side Request Forgery", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4cb410aa-3941-4e19-8de4-622a94766ee8?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-size-guide.php#L170"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-size-guide.php#L210"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-rest-api-controller.php#L67"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-rest-api-controller.php#L259"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3439592%40printful-shipping-for-woocommerce&new=3439592%40printful-shipping-for-woocommerce&sfp_email=&sfph_mail="}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-918 Server-Side Request Forgery (SSRF)", "cweId": "CWE-918", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Adrian Lukita"}], "timeline": [{"time": "2026-02-18T14:59:59.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-02-19T17:04:30.310467Z", "id": "CVE-2025-12375", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T17:42:42.024Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-12375", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-19T17:04:30.310467Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-19T17:04:31.953Z"}}], "cna": {"title": "Printful Integration for WooCommerce <= 2.2.11 - Authenticated (Contributor+) Server-Side Request Forgery", "credits": [{"lang": "en", "type": "finder", "value": "Adrian Lukita"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "printful", "product": "Printful Integration for WooCommerce", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "2.2.11"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-02-18T14:59:59.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4cb410aa-3941-4e19-8de4-622a94766ee8?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-size-guide.php#L170"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-size-guide.php#L210"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-rest-api-controller.php#L67"}, {"url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-rest-api-controller.php#L259"}, {"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3439592%40printful-shipping-for-woocommerce&new=3439592%40printful-shipping-for-woocommerce&sfp_email=&sfph_mail="}], "descriptions": [{"lang": "en", "value": "The Printful Integration for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.11 via the advanced size chart REST API endpoint. This is due to insufficient validation of user-supplied URLs before passing them to the download_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-918", "description": "CWE-918 Server-Side Request Forgery (SSRF)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-02-19T03:25:14.353Z"}}}, "cveMetadata": {"cveId": "CVE-2025-12375", "state": "PUBLISHED", "dateUpdated": "2026-02-19T17:42:42.024Z", "dateReserved": "2025-10-27T22:10:07.660Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-02-19T03:25:14.353Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Printful Integration for WooCommerce plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 2.2.11 via the advanced size chart REST API endpoint. This is due to insufficient validation of user-supplied URLs before passing them to the download_url() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to make web requests to arbitrary locations originating from the web application which can be used to query and modify information from internal services."}, {"lang": "es", "value": "El plugin Printful Integration para WooCommerce para WordPress es vulnerable a falsificaci\u00f3n de petici\u00f3n del lado del servidor en todas las versiones hasta la, y incluida, 2.2.11 a trav\u00e9s del endpoint de la API REST del gr\u00e1fico de tallas avanzado. Esto se debe a la validaci\u00f3n insuficiente de las URL proporcionadas por el usuario antes de pasarlas a la funci\u00f3n download_url(). Esto hace posible que atacantes autenticados, con acceso de nivel Colaborador y superior, realicen peticiones web a ubicaciones arbitrarias originadas desde la aplicaci\u00f3n web, que pueden utilizarse para consultar y modificar informaci\u00f3n de servicios internos."}], "id": "CVE-2025-12375", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Secondary"}]}, "published": "2026-02-19T07:17:27.850", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-rest-api-controller.php#L259"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-rest-api-controller.php#L67"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-size-guide.php#L170"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/printful-shipping-for-woocommerce/tags/2.2.11/includes/class-printful-size-guide.php#L210"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3439592%40printful-shipping-for-woocommerce&new=3439592%40printful-shipping-for-woocommerce&sfp_email=&sfph_mail="}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4cb410aa-3941-4e19-8de4-622a94766ee8?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-918"}], "source": "security@wordfence.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,2.2.11]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Printful Integration for WooCommerce", "source": "cna", "vendor": "printful"}, "product": "printful_integration_for_woocommerce", "vendor": "printful"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-04-22T11:35:29.662373+00:00", "value": {"mitigation_remediation": ["Upgrade the Printful Integration for WooCommerce plugin to a version newer than 2.2.11 that implements proper URL validation. ", "Limit Contributor account permissions or remove untrusted Contributor roles to close the authentication vector. ", "Apply a web\u2011application firewall or outbound request filter to block unexpected HTTP/HTTPS calls from the WordPress instance."], "summary": {"action": "Apply Patch", "impact": "Server\u2011Side Request Forgery"}, "threat_synthesis": {"affected_systems": "Any site running Printful Integration for WooCommerce up to and including version 2.2.11 is affected. The vulnerability is exploitable by users with Contributor level or higher access, meaning it primarily impacts authenticated users who can submit requests through the REST API.", "description_and_impact": "The Printful Integration for WooCommerce plugin contains a Server\u2011Side Request Forgery flaw located in the advanced size chart REST API endpoint. Insufficient validation of user\u2011supplied URLs before passing them to the download_url() function allows an attacker to cause the server to request arbitrary URLs. The resulting request can retrieve or alter data from external or internal services, leading to information disclosure or modification of privileged resources.", "risk_and_exploitability": "The CVSS score of 6.4 indicates a moderate severity once authenticated. The EPSS score of less than 1% denotes a low probability of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, but the required authentication and contributor permission mean the attack surface is limited to sites with a broader set of users. An attacker could potentially extract internal data or modify state within the WordPress environment if they obtain contributor access."}}}}, "created": "2026-02-19T10:07:40.471691+00:00", "updated": "2026-04-22T12:00:05.901871+00:00", "vendors": ["printful", "printful$PRODUCT$printful_integration_for_woocommerce", "wordpress", "wordpress$PRODUCT$wordpress"]}